Two Major Cybersecurity Risks at Fast-Growing Companies

This year’s Allianz Risk Barometer 2020, from top global insurer Allianz Global Corporate & Speciality (AGCS), puts cyber incidents up two places from last year’s list to the greatest threat to businesses this year. 

Seven years ago, it ranked only 15th with just 6% of responses to put it in context.

Awareness of cyber threats has proliferated in recent years, driven by companies increasing reliance on cloud-based SaaS applications and several high-profile incidents. 

The report points to the threat of more massive and more expensive data breaches, the rising number of ransomware and spoofing attacks, and the prospect of fines and litigation.

Businesses that don’t protect themselves as they grow are often the ones that typically have the most challenging time recovering from an attack. 

The Marriotts and Adobes of the world certainly don’t want their brand tarnished, but they also have the financial strength and brand loyalty to muster through.

It’s the rapid-scaling midsize and smaller enterprise businesses amid rapid growth that don’t have the resources to bounce back quickly if they’re attacked.

It’s why they need to pay particular attention to these cybersecurity risks.

 

Cyber Security Risk Assessment: Is Shadow IT a Problem?

One thing that all rapidly growing companies worry about is their growth being hampered by needless bureaucracy. It’s why IT staff at these organizations have mixed feelings about Shadow IT.

Shadow IT refers to software applications used within organizations without explicit organizational approval. If you don’t know something exists in the first place, it’s impossible to monitor the security risks involved.

Shadow IT makes it easier for your employees to do their jobs. The easier it is for your employees to do their jobs, the better for your organization.

A survey of 1000 US-based IT professionals by Entrust Datacard found that 77 percent of IT professionals believe their organizations could earn an edge if company leaders were more collaborative with their businesses to find Shadow IT solutions. (We’ve even written before about using Shadow IT to make your employees more productive.)

The problem is that the ease of purchasing SaaS apps makes companies lazy when making sure they are secure. As much as 60% of hacked SMEs go out of business after six months.

A Shadow IT policy that allows employees to experiment with new tools while mitigating Shadow IT risks is a competitive advantage. It’s also achievable.

First things first, IT must not be in the dark about which apps are being used and, most importantly, what data goes to the cloud. 

Most companies are aware that there’s a shadow application or two making their way past the IT infrastructure. According to Cisco’s Shadow IT report, the problem is that they underestimate that number by a factor of 15 to 22.

The quickest way to gain visibility? Use a SaaS management platform like Augmentt. You automate by using our advanced log file analysis framework. We allow you to quickly identify every SaaS application used on your network across the entire employee base.

From there, we recommend declaring a Shadow IT amnesty. This amnesty invites people to start a dialogue, encouraging employees to discuss why they need a particular shadow IT solution and why existing software is not up to the task.

With this approach, you can balance both the need to control what applications are in your network and not slow down or hamper your growth.

 

The Cybersecurity Risk of Insider Threats

It’s a fact of life at most rapidly growing companies that there’s significant employee turnover. That means mostly employees joining, but also employees leaving. Amidst all of the “chaos,” it’s easy to forget to ensure that an employee is appropriately offboarded.

Hence why insider threats are a significant concern for growing companies. An insider threat is a risk to an organization that is caused by the actions of employees, former employees, business contractors, or associates. 

This is a growing problem and can put employees and customers at risk or cause the company financial damage.  Within growing businesses, insider threats are significant as more employees have access to multiple accounts that hold more data. 

Research has found that 62% of employees have reported having access to accounts they probably didn’t need.

There needs to be an exact offboarding process to stop insider threats. (We’ve written before about the critical nature of user lifecycle management).

The challenge is that you need to figure out what apps employees have signed up for and used, what access permissions you must revoke, and what company data resides in these apps. 

With the proliferation of Shadow IT, it’s not always easy to do this. With a SaaS management platform, you get a single dashboard for all SaaS apps and usage. This can increase visibility and avoid security risks associated with employee offboarding.

For example, employees can be quickly onboarded and offboarded to and from the applications they need. Plus, reports can readily show which users have access to what applications, and which licenses.

These processes can automate and simplify life for IT, enabling greater efficiency and productivity.

 

Critical Takeaways From Cybersecurity Risks at Fast-Growing Companies

The enthusiasm of a startup mentality is unparalleled in its ability to make magic happen. But it has an expiry date. At some point, you need to ensure that certain business risks, such as cybersecurity, are taken into account. The best place to start is with two major threats to your business.

Derik Belair

As President and CEO, Derik leads the vision, strategy and growth of Augmentt. Prior to founding Augmentt, Derik was the Vice President at SolarWinds, leading the digital marketing strategy for SolarWinds’ Cloud division. Derik has been working in the channel for over 20 years, starting his career as a channel sales rep at Corel Corp. and eventually becoming the first employee at N-able Technologies in April of 2000.
SUBSCRIBE for more resources
Related Content

Agent and Agentless

    When it comes to Augmentt Discover, we believe in flexibility and power. Augmentt Discover can collect SaaS usage data using both an Agent and Agentless model. Here is a quick [...]
    Read

    Product Evaluation Guide

      Thank you for starting your Augmentt Product Evaluation and Trial   Here are a few resources that will help you through this technical process. Support Technical Support is available to [...]
      Read
      Augmentt is a centralized SaaS security platform built for MSPs to deliver scalable managed security services for Microsoft and cloud apps. Our multi-tenant platform gives you visibility across all your end-users to easily audit, protect and detect security threats for a holistic approach to cyber security.

      Want to get the latest resources in Saas Security?

      Join our mailing list and we’ll only send you value-add content.